1 |
Hello everyone, |
2 |
|
3 |
I am working on Gentoo Identity, an LDAP web UI that aims to be a |
4 |
general-usage application that will allow users - developers - |
5 |
recruiters - administrators to configure their attributes easily from |
6 |
Gentoo's LDAP server. |
7 |
|
8 |
This week, I finished the basic documentation and pushed it to |
9 |
Identity's repo. Also, I performed a basic penetration testing. Thanks |
10 |
to Django which provides good security protection out of the box, |
11 |
Django is hardened by default from some basic attacks( XSS, Directory |
12 |
traversal, CSRF). In addition form built-in validation improves |
13 |
security more and prevents LDAP Injections. |
14 |
|
15 |
My plans for the last week are to improve user settings and add more |
16 |
fields. Finally, I will perform a final profiling before the hard |
17 |
'pencils down' now that mgorny and tampakrap implemented context |
18 |
managers and improved django-ldapdb. |
19 |
|
20 |
Source code for Gentoo Identity: https://github.com/gentoo/identity.gentoo.org |
21 |
|
22 |
Regards, |
23 |
Pavlos |